ocbitcoin (OP)
Newbie
Offline
Activity: 19
Merit: 0


September 19, 2013, 03:55:46 AM 

I am familiar with using bitaddress.org to generate addresses. I am not sure how the random numbers are generated.
If I want to use dice to tediously generate a 260 bit random number, how can I use that random number to generate a private key / public address?
I have no programming expertise. Thanks!!




casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)


September 19, 2013, 04:01:25 AM 

Just about any random 256bit number constitutes a valid private key. All you need to do, then, is calculate the bitcoin address for it. https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.



jl2012
Legendary
Offline
Activity: 1792
Merit: 1111


September 19, 2013, 05:05:04 AM 

I am familiar with using bitaddress.org to generate addresses. I am not sure how the random numbers are generated.
If I want to use dice to tediously generate a 260 bit random number, how can I use that random number to generate a private key / public address?
I have no programming expertise. Thanks!!
Transform it to a 256bit Hex number and it is already the private key. Then use this to generate the public address: https://www.bitaddress.org/bitaddress.orgv2.4SHA11d5951f6a04dd5a287ac925da4e626870ee58d60.htmlFor safety, you should save the javascript and run it on an offline computer

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517



Nancarrow


September 19, 2013, 07:46:24 AM 

I am familiar with using bitaddress.org to generate addresses. I am not sure how the random numbers are generated.
If I want to use dice to tediously generate a 260 bit random number, how can I use that random number to generate a private key / public address?
I have no programming expertise. Thanks!!
I use four 16sided dice from here: http://www.thediceshoponline.com/dicesearch/D16I use four different pretty colours and decide on their order in advance. Each throw gives me 16 bits. So eight such throws give you 128 bits, enough for an electrum wallet seed, while 16 throws give you 256 bits, which (pretty much always) make a private key. If you don't have and don't want to buy 16sided dice, but you have ordinary cubies lying around, you could, say, throw a pair of dice. If the first dice comes up 'm' and the second comes up 'n', work out 6*(m1)+(n1). If it's between 0 and 31, convert to binary and you have five bits. If it's between 32 and 35 you'd better throw again. Once you have a dicegenerated private key you will really HAVE to use a computer to get the public key from it. jl2012's link looks good, though it bears repeating that YOU MUST RUN IT OFFLINE. You may want to eat the computer afterwards to be absolutely sure.

If I've said anything amusing and/or informative and you're feeling generous: 1GNJq39NYtf7cn2QFZZuP5vmC1mTs63rEW



DannyHamilton
Legendary
Offline
Activity: 3472
Merit: 4771


September 19, 2013, 10:10:53 PM 

 snip  If you don't have and don't want to buy 16sided dice, but you have ordinary cubies lying around, you could, say, throw a pair of dice. If the first dice comes up 'm' and the second comes up 'n', work out 6*(m1)+(n1). If it's between 0 and 31, convert to binary and you have five bits. If it's between 32 and 35 you'd better throw again.  snip 
Seems like such a waste of effort to have to keep throwing again every time the first die comes up 6 and the second comes up higher than 2. Perhaps instead, throw one die 99 times  or a pair of color coded dice 49 times, plus an additional throw of a single die
 or a color coded set of 3 dice 33 times
 or a color coded set of 4 dice 24 times, plus an additional throw of 3 dice
 or a color coded set of 5 dice 19 times, plus an additional throw of 4 dice
 or. . . (well, you get the point. 99 distinct ordered values from 6 sided dice)
Then you can subtract 1 from each value rolled and write it down as a 99 digit number in base 6. Voila. You've got yourself a private key with more than 255 bits of information. Now you can convert the number to binary, or hex, or base58, or decimal, or however it is that you like to represent your private keys and use whatever method you prefer to calculate the public key. Rather than trusting bitaddress, you could convert to WIF and then import the generated private key into BitcoinQt running on an offline computer? Then BitcoinQt should calculate the address for you, right?




Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto


September 20, 2013, 01:39:37 PM 

That's what I suggested somewhere else. Roll a 6 sided casino grade dice, about 100 times. If you get a 1, write down 0. If you get a 2, write down 1. If you get a 3, write down 2. If you get a 4, write down 3. If you get a 5, write down 4. If you get a 6, write down 5. base6 number = 3315135445300124430102440020244024024200400400022442224420424444024020024240204 40440400202424020222 convert to base 16 = 8E85A30B4276949DBFBC8771EDC4BCF98B66785E68D22D162CE6E8D69D50819B which is: Private Key: L1zkkHQDDtQTDRtZQwJJxATFrDMTstGxMsKhxySaa4vqEFtwtnmd Bitcoin Address: 16PYKf15c4kH7jYM4MTwQCgcmYuviLxGxB You could also use 16 sided dice, there's one that's even called and labeled "hexadecimal dice".




JompinDox
Member
Offline
Activity: 107
Merit: 10


November 11, 2013, 07:45:58 PM 

This 30line Python script will do the hard work for you, and even give you easytoremember mnemonics! It even works on my Android phone (after getting Qpython from the Play Store.) You still need the dice, though https://bitcointalk.org/index.php?topic=308972.0example: 07/11/2013 15:29:32.27> nb_create 35412 13263 66533 45163 13165 41255 62216 18FmQmp5EezkXUv22ZY2PeCpsdAuN1aGV1 == knobs bands future pens bacon aliens unix

Tips? 1ELECeJompinDox61L73eAUyaWpe3Q5HZB Down with socks!



domob
Legendary
Offline
Activity: 1135
Merit: 1170


November 12, 2013, 07:13:09 AM 

Not exactly the answer to the precise question, but what I did is to write up a "random file" containing data from /dev/random, hacking on the keyboard, and just a writeup of some dice rolls. Any way you like, how many you like, just as it suits you. Then hash the file with SHA256 to get the private key.

Use your Namecoin identity as OpenID: https://nameid.org/Donations: 1 domobKsPZ5cWk2kXssD8p8ES1qffGUCm  NMC: NC domobcmcmVdxC5yxMitojQ4tvAtv99pY BMGtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS  GPG 0xA7330737



etotheipi
Legendary
Offline
Activity: 1428
Merit: 1093
Core Armory Developer


November 12, 2013, 06:10:00 PM 

Another way to do this, for "perfect" entropy calculation is to roll sixsided dice and write down bits. Then convert those directly to a private key.
If you roll:
1: write down "00" 2: write down "01" 3: write down "10" 4: write down "11" 5: write down "0" 6: write down "1"
Yes, you only get one bit when you roll a 5 or 6, two bits for everything else. Stop when you have written down 128, 160, 192 or 256 bits (whatever your preference is). If the dice rolls are perfectly random, so will your resulting binary string.




deepceleron
Legendary
Offline
Activity: 1512
Merit: 1036


November 13, 2013, 02:06:00 AM Last edit: November 13, 2013, 02:45:44 AM by deepceleron 

Another way to do this, for "perfect" entropy calculation is to roll sixsided dice and write down bits. Then convert those directly to a private key...
Bleah, I coded some python to turn anysided dice into a fullstrength private key, no hashes. The answer is it takes a LOT of dice rolling, less than 100 d6's is not a fullstrength key. I quit at an unencoded 64 byte hex key, you can convert it to an importable key/address with http://bitaddress.org or such. **Dice to Bitcoin private key generator** >How many sides on your dice?:6 Need 100 rolls of 6sided dice. (258.496250072 bits) Number of dice rolls so far: 0, need 100 more. input dice rolling results, no space between rolls:) >22222222222222333333333333333 Number of dice rolls so far: 29, need 71 more. input dice rolling results, no space between rolls:) >2222222222244444444444 Number of dice rolls so far: 51, need 49 more. input dice rolling results, no space between rolls:) >2222222222333333333 Number of dice rolls so far: 70, need 30 more. input dice rolling results, no space between rolls:) >1 Number of dice rolls so far: 71, need 29 more. input dice rolling results, no space between rolls:) >55555555555 Number of dice rolls so far: 82, need 18 more. input dice rolling results, no space between rolls:) >333333 Number of dice rolls so far: 88, need 12 more. input dice rolling results, no space between rolls:) >55555555 Number of dice rolls so far: 96, need 4 more. input dice rolling results, no space between rolls:) >222222222 raw private key: 218c3c240686849676c9828fc5fd8749860365a0ed82ebe3e601a2b9a039f333
Or if you want to see what it looks like with bits or coin flips: **Dice to Bitcoin private key generator** >How many sides on your dice?:2 Need 256 rolls of 2sided dice. (256.0 bits) Number of dice rolls so far: 0, need 256 more. input dice rolling results, no space between rolls:) >1111111111111111111111111111111122222222222222222222222222222222111111111111111 1111111111111111122222222222222222222222222222222 Number of dice rolls so far: 128, need 128 more. input dice rolling results, no space between rolls:) >1111111111111111111111111111111122222222222222222222222222222222111111111111111 1111111111111111122222222222222222222222222222222 raw private key: ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000 import math keyval = 0 sides = '' roll_list = [] maxkey = int('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', base=16)
while not sides.isdigit() or int(sides) < 2: sides = raw_input('**Dice to Bitcoin private key generator**\n>How many sides on your dice?:') sides = int(sides) rolls = int(math.ceil(math.log(maxkey, sides))) print "Need %s rolls of %ssided dice. (%s bits)" % (rolls, sides, math.log(math.pow(sides, rolls), 2))
while len(roll_list) < rolls: print "Number of dice rolls so far: %s, need %s more." % (len(roll_list), rollslen(roll_list)) if sides < 10: rollinput = raw_input('input dice rolling results, no space between rolls:)\n>') rollinput = list(rollinput) else: rollinput = raw_input('input dice rolling results,separated by spaces:)\n>') rollinput = rollinput.split()
add_rolls = [] for inputitem in rollinput: if not inputitem.isdigit() or int(inputitem) < 1 or int(inputitem) > sides: print "**invalid dice roll detected: '%s', discarding all input " % inputitem break add_rolls.append(int(inputitem))
roll_list.extend(add_rolls)
for i in range(rolls): keyval += (roll_list[i]1) * sides ** i
hexkey = "{0:064x}".format(keyval)[64:] # truncate to 64 bytes hex
if int(hexkey, base=16) > maxkey or int(hexkey, base=16) < 1: raise Exception('Wow, invalid key, try again!')
print "raw private key: ", hexkey Not a problem to roll that many dice if you've got a diceomatic, though.




Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto


November 13, 2013, 03:25:31 AM 

You know, since the OP talked about lack of experience in programming, there is a simplified method that works with just bitaddress.org
Roll the dice 100 times. Write down the sequence.
Example:
3315135445366124436162446626244624624266466466622442224426424444624626624246264 464464662624246262224
Then you use that as the brain wallet passphrase in bitaddress.org
Uncompressed 1JGHFyjsnyQHnW29ygv19Qz4p2WRQAqwcs 5KjcaDDnmNhSWG33bt6rQ9LeJyfE2mjrrGPbqbFwJj6ruPnHw2v
And if you want the compressed version, just copy the private key to the wallet details tab.
Compressed 12WQuVvxwbVz17NLjgUJJgwsw5BhgAbqkA L5h61awSzrmVa9N2UxYq39ohgM5iWpUB2SvkmUCvhEpsFrDLCTVL
Easy. Works. Can not be brute forced. Make sure to roll the dice properly (roll it from far away and make it bounce against the other side.)




etotheipi
Legendary
Offline
Activity: 1428
Merit: 1093
Core Armory Developer


November 13, 2013, 05:02:58 AM 

You know, since the OP talked about lack of experience in programming, there is a simplified method that works with just bitaddress.org
Roll the dice 100 times. Write down the sequence.
Example:
3315135445366124436162446626244624624266466466622442224426424444624626624246264 464464662624246262224
Then you use that as the brain wallet passphrase in bitaddress.org
Uncompressed 1JGHFyjsnyQHnW29ygv19Qz4p2WRQAqwcs 5KjcaDDnmNhSWG33bt6rQ9LeJyfE2mjrrGPbqbFwJj6ruPnHw2v
And if you want the compressed version, just copy the private key to the wallet details tab.
Compressed 12WQuVvxwbVz17NLjgUJJgwsw5BhgAbqkA L5h61awSzrmVa9N2UxYq39ohgM5iWpUB2SvkmUCvhEpsFrDLCTVL
Easy. Works. Can not be brute forced. Make sure to roll the dice properly (roll it from far away and make it bounce against the other side.)
I approve of the "generate a shitload of entropy and hash it" method. The reason I recommended my method is because it could be done with pen&paper, without any external functions. You can actually get a full hex private key without touching any external scripts or figuring out how to securely/privately execute hashes. Can be useful in some situations for people with nil programming experience. But I also wasn't aware that many tools will do the hashing for you.




DannyHamilton
Legendary
Offline
Activity: 3472
Merit: 4771


November 13, 2013, 05:20:31 AM 

Not a problem to roll that many dice if you've got a diceomatic, though. I want one!




Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto


November 13, 2013, 05:46:40 AM 

Some random dice rolls: 1515114655216115325642122225123253326422451141433346533141245222355351253322551 313634412352614264331 2443565212225612534555441166434331222244135565343252545521434253121562321443242 645511161421141542666 3625264632525323244536332552434513165352251263436321261524453551222433655626535 452245321333222534164 4141544241264462335153442225243422414232216646413144256143554416544246243141211 643563346263221443224 5361516555412114352626236336355256416333452441216245241432132543254145325513564 146253115163351263226 6314454446362462314626514444266211353522544624164642353465323155435124426666663 531545161262163664246 I like this one though: http://pwgenwin.sourceforge.net/index.html




jl2012
Legendary
Offline
Activity: 1792
Merit: 1111


November 13, 2013, 06:18:18 AM 

You know, since the OP talked about lack of experience in programming, there is a simplified method that works with just bitaddress.org
Roll the dice 100 times. Write down the sequence.
Example:
3315135445366124436162446626244624624266466466622442224426424444624626624246264 464464662624246262224
Then you use that as the brain wallet passphrase in bitaddress.org
Uncompressed 1JGHFyjsnyQHnW29ygv19Qz4p2WRQAqwcs 5KjcaDDnmNhSWG33bt6rQ9LeJyfE2mjrrGPbqbFwJj6ruPnHw2v
And if you want the compressed version, just copy the private key to the wallet details tab.
Compressed 12WQuVvxwbVz17NLjgUJJgwsw5BhgAbqkA L5h61awSzrmVa9N2UxYq39ohgM5iWpUB2SvkmUCvhEpsFrDLCTVL
Easy. Works. Can not be brute forced. Make sure to roll the dice properly (roll it from far away and make it bounce against the other side.)
I approve of the "generate a shitload of entropy and hash it" method. The reason I recommended my method is because it could be done with pen&paper, without any external functions. You can actually get a full hex private key without touching any external scripts or figuring out how to securely/privately execute hashes. Can be useful in some situations for people with nil programming experience. But I also wasn't aware that many tools will do the hashing for you. Anyway, it is not possible to derive the public key and the address without using using a computer

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517



etotheipi
Legendary
Offline
Activity: 1428
Merit: 1093
Core Armory Developer


November 13, 2013, 06:25:04 AM 

I approve of the "generate a shitload of entropy and hash it" method. The reason I recommended my method is because it could be done with pen&paper, without any external functions. You can actually get a full hex private key without touching any external scripts or figuring out how to securely/privately execute hashes. Can be useful in some situations for people with nil programming experience.
But I also wasn't aware that many tools will do the hashing for you.
Anyway, it is not possible to derive the public key and the address without using using a computer [/quote] Sure. But you're plugging it into an app that will generate that for you. Not all apps will apply hashes for you.




blub
Member
Offline
Activity: 88
Merit: 10


November 13, 2013, 10:05:51 AM 

Anyway, it is not possible to derive the public key and the address without using using a computer
It is quite possible to do this with pen and paper. I don't know the ripdem algorithm, but the sha and key multiplication could be done in a few hours of concentrated work(and a few hours on the next day to check). Nothing you want to do, but otherwise, if you can't trust any of your hardware, it could be the ultima ratio.




jl2012
Legendary
Offline
Activity: 1792
Merit: 1111


November 13, 2013, 10:27:52 AM 

Anyway, it is not possible to derive the public key and the address without using using a computer
It is quite possible to do this with pen and paper. I don't know the ripdem algorithm, but the sha and key multiplication could be done in a few hours of concentrated work(and a few hours on the next day to check). Nothing you want to do, but otherwise, if you can't trust any of your hardware, it could be the ultima ratio. Before doing the calculation you may want to wrap the room and your head with tinfoil

Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517



Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto


November 13, 2013, 11:49:22 AM 

uh.. more like a few weeks. You can't do the work manually. It's too much. This has been discussed before. You would have to work nonstop for a few weeks straight, on the assumption that you can do several CORRECT calculations per minute, without breaks, and without sleep.
I know a drug that supposedly works to keep you awake, as coffee won't work after the first 72 hours. You will eventually need to rest, and then that doubles the time.
Plus, you want to double check that you finally got the correct address, so you'll want to do everything again after you're done.
For one bitcoin address.
Just use an offline computer.




Abdussamad
Legendary
Offline
Activity: 3640
Merit: 1571


November 15, 2013, 05:59:08 PM 

Anyway, it is not possible to derive the public key and the address without using using a computer
It is quite possible to do this with pen and paper. I don't know the ripdem algorithm, but the sha and key multiplication could be done in a few hours of concentrated work(and a few hours on the next day to check). Nothing you want to do, but otherwise, if you can't trust any of your hardware, it could be the ultima ratio. No it can't be done manually. Jackjack explained it all in another thread where this came up. Search for it. Anyway a lot of the heavy weights are in this thread. I would have thought that generating private keys manually might be termed a little extreme.




